[mod_python] "TypeError: argument 2 must be a mapping" and other things

Jorey Bump list at joreybump.com
Tue Sep 20 18:05:36 EDT 2005

David Badawi wrote:
> how about acl.execute("SELECT * FROM acl WHERE c = %s
> AND d
>  = %s;" % (cID, dID))???

This will work, but is not as secure as using placeholders. It's a 
recipe for SQL injection.

More information about the Mod_python mailing list